From 2e8ce747ddd5cd69c63d73a4aa0c3fba2ff9c4b5 Mon Sep 17 00:00:00 2001 From: jbanic Date: Mon, 20 Feb 2023 15:09:24 +0100 Subject: [PATCH] Update 'SambaInstall.md' --- SambaInstall.md | 156 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 154 insertions(+), 2 deletions(-) diff --git a/SambaInstall.md b/SambaInstall.md index 964eb82..746790d 100644 --- a/SambaInstall.md +++ b/SambaInstall.md @@ -1,5 +1,157 @@ +##Install Samba server + ```bash sudo apt install samba smbclient cifs-utils -y -sudo apt-get install samba-vfs-modules -``` \ No newline at end of file +sudo apt-get install samba-vfs-modules -y +``` + +```bash +mkdir public + +touch /home/canary/public/finance.xlsx +``` + +```bash +sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.backup + +sudo nano /etc/samba/smb.conf +``` + +```bash +[global] + interfaces = 195.130.34.133/28 eth0 + workgroup = csec.local + server string = FileServer + netbios name = FILESRV01 + dns proxy = no + log file = /var/log/samba/log.all + log level = 0 + max log size = 100 + panic action = /usr/share/samba/panic-action %d + #samba 4 + server role = standalone server + #samba 3 + #security = user + passdb backend = tdbsam + obey pam restrictions = yes + unix password sync = no + map to guest = bad user + usershare allow guests = yes + load printers = no + vfs object = full_audit + full_audit:prefix = %U|%I|%i|%m|%S|%L|%R|%a|%T|%D + full_audit:success = connectpath + #full_audit:success = connect connectpath open + #full_audit:success = fstat + #full_audit:success = pread_recv pread_send + full_audit:failure = none + full_audit:facility = local7 + full_audit:priority = notice +[public] + comment = All the stuff! + path = /home/canary/public + guest ok = yes + read only = yes + browseable = yes +``` + +sudo nano /etc/rsyslog.conf + +# /etc/rsyslog.conf configuration file for rsyslog +# +# For more information install rsyslog-doc and see +# /usr/share/doc/rsyslog-doc/html/configuration/index.html + + +################# +#### MODULES #### +################# + +module(load="imuxsock") # provides support for local system logging +module(load="imklog") # provides kernel logging support +#module(load="immark") # provides --MARK-- message capability + +# provides UDP syslog reception +#module(load="imudp") +#input(type="imudp" port="514") + +# provides TCP syslog reception +#module(load="imtcp") +#input(type="imtcp" port="514") + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + +############### +#### RULES #### +############### + +# +# First some standard log files. Log by facility. +# +auth,authpriv.* /var/log/auth.log +*.*;auth,authpriv.none -/var/log/syslog +#cron.* /var/log/cron.log +daemon.* -/var/log/daemon.log +kern.* -/var/log/kern.log +lpr.* -/var/log/lpr.log +mail.* -/var/log/mail.log +user.* -/var/log/user.log +local7.* /var/log/samba-audit.log + +# +# Logging for the mail system. Split it up so that +# it is easy to write scripts to parse these files. +# +mail.info -/var/log/mail.info +mail.warn -/var/log/mail.warn +mail.err /var/log/mail.err + +# +# Some "catch-all" log files. +# +*.=debug;\ + auth,authpriv.none;\ + mail.none -/var/log/debug +*.=info;*.=notice;*.=warn;\ + auth,authpriv.none;\ + cron,daemon.none;\ + mail.none -/var/log/messages + +# +# Emergencies are sent to everybody logged in. +# +*.emerg :omusrmsg:* + + +sudo touch /var/log/samba-audit.log + +sudo chown root:adm /var/log/samba-audit.log \ No newline at end of file